I have a mosquitto mqtt broker server set up, and the setup is currency working.
The problem, however, is that any origin can currently connect to my instance over websockets, which causes a security issue.
How do I limit that to a set of origins? I could not find anything in the documentation regarding this.
This is no different to native MQTT.
You have 3 options:
Enable authentication and set up an ACL so only authenticated clients can connect (set allow_anonymous false
and either set up a password file or add the authentication plugin in the config file)
Set up a firewall to drop connections from unknown hosts
Edit